
Re: Secure coding in C (was Re: Administrivia #4883)


Subject: Re: Secure coding in C (was Re: Administrivia #4883)
From: Brian Kifiak (bkLOCALHOST.CA)
Date: Sun Jan 16 2000 - 14:13:14 CST


* Blue Boar (BlueBoarTHIEVCO.COM) [01/15/00 22:12]:
> Bennett Todd wrote:
> >
> > char *a = something();
> > char *b = something_else();
> > int len = strlen(a) + strlen(b);
> > char *c = malloc(len + 1);
> > if (c == NULL) die("malloc");
> > (void) strcat(strcpy(c, a), b);
>
> If you have any reasonable idea what a maximum size for a or b might
> be, then this could be better. As it is, if I'm trying to DoS you
> by sending huge strings, you've made it that much easier by doubling
> the amount of RAM needed. Since you're limiting yourself to MAXINT
> anyway, you should check that against the sizes of a and b before
> you malloc.

This is ludicrous. There seems to be quite a bit of disagreement over the
proper way to handle this situation. I find it hard to believe that there's
not an easy way to do this securely. I'm troubled by all of the complex
solutions and lack of clarity that's getting spewed about. Not everyone can
follow this discussion, and I doubt newer programmers would want to use
such a large magnitude of steps to do something quite simple.

Is there an easier way to do this? (I'm understanding what you're talking about
but I don't yet know enough about the language to come to a reasonable
solution.)

-bk
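
The size check Blue Boar describes in the quoted text above, written out as an added example that is not part of the original thread. MAX_PART, capped_len and concat_bounded are names assumed here, and the 4096-byte limit is an arbitrary illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed per-string limit (not from the thread); set it to the largest legitimate input. */
#define MAX_PART 4096

/* Length of s, scanning at most cap + 1 bytes; a result of cap + 1 means "too long". */
static size_t capped_len(const char *s, size_t cap)
{
    size_t n = 0;
    while (n <= cap && s[n] != '\0')
        n++;
    return n;
}

/* Returns a malloc'd copy of a followed by b, or NULL on bad input or failed malloc. */
char *concat_bounded(const char *a, const char *b)
{
    size_t la, lb;
    char *c;

    if (a == NULL || b == NULL)
        return NULL;
    la = capped_len(a, MAX_PART);
    lb = capped_len(b, MAX_PART);
    if (la > MAX_PART || lb > MAX_PART)
        return NULL;               /* reject before allocating anything */

    /* la + lb + 1 <= 2 * MAX_PART + 1, so this size_t sum cannot wrap. */
    c = malloc(la + lb + 1);
    if (c == NULL)
        return NULL;
    memcpy(c, a, la);
    memcpy(c + la, b, lb + 1);     /* lb + 1 copies b's terminating NUL */
    return c;
}

int main(void)
{
    char *c = concat_bounded("foo", "bar");
    if (c == NULL)
        return 1;
    puts(c);
    free(c);
    return 0;
}
```

The lengths are held in size_t and checked against the cap before the addition, so the allocation size is bounded and the oversized case never reaches malloc.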



This archive was generated by hypermail 2b27 : Sun Jan 16 2000 - 21:13:56 CST